Hi
I am not sure if this has already been discussed in the forums but i could not find a definitive help in this regard.
Basically when i run logstash as a systemd service , whenever logstash gets log files for processing i can see that there is a high cpu usage by the systemd-journal process and not much on either logstash or elasticsearch. I dont want to maintain the stdout in the journal logs. How can i redirect this output that logstash is generating to /dev/null ?
My logstash conf file is as shown below:
input {
file {
start_position => "beginning"
path => "/home/logstash/xxxx/*"
sincedb_path => "/home/logstash/sincedb_xxxx"
mode => "read"
}
}
filter {
json {
source => "message"
}
}
output {
elasticsearch {
hosts => "http://localhost:9200"
index => "xxxx"
}
stdout {}
}